/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow Us
|
/pcq/media/post_attachments/3246e2d2125e305892b0ced5f2566fb132f2768e8963650c3397a3e4f7337ce8.jpg)
For the IT implementer, security has become something of a nightmare. Every day brings with it a fresh list of exploits and vulnerabilities. Every new mail coming in to your setup is a fresh threat. Every link that a user clicks on on a random Web page is a security threat.
To get a quick perspective, there were 4129 vulnerabilities catalogued by CERT in 2002. Trends indicate that, if anything, these numbers will increase manifold in the times to come. It is not enough to blame the vendors for creating insecure products. Given the fact that we really do not have a choice in this matter, how do you handle such a situation? Whether you are running a global network or are responsible for just one PC, there are some commonalities in the approach that you need
to take. And lessons from other aspects of life could hold valuable insights on how to handle the situation.
In life, security has been a constant concern from day one. Else, we would not have cash boxes and bank vaults and walls and security guards and armies. So, the first lesson in handling network security is that concerns are never going to go away completely. Fresh threats will always evolve.
It gave me a bit of a shock to recently learn that the basic design principle behind locks is not to secure for ever. A better lock just ensures that it takes longer to break it down; that is all. You need accompanying alarm systems that will alert you to take action before the lock gets broken. Similarly, you cannot create foolproof network-security systems. You can just create systems that will take longer and longer to break into. You need alarm systems and plans for corrective action when a breach happens.
Even the best of locks have to be oiled and serviced regularly to keep them up to their task. Similarly, your security systems need constant maintenance to be up to the task that they are meant for.
A single-layer security plan does not work. The best of security plans, depend on multiple layers and fallback options that get activated once an alert is triggered. In fact, these plans assume that the cordons are not failure safe and will get breached.
Good security is as much a state of mind is it is about systems and processes. ¨
Krishna Kumar